package com.ocom.security.authorize;

import com.ocom.security.properties.SecurityProperties;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.stereotype.Component;

/**
 * 默认授权配置提供器
 *
 */
@Component
@AllArgsConstructor
@Order(Ordered.HIGHEST_PRECEDENCE)
@Slf4j
public class YoCiAuthorizeConfigProvider implements AuthorizeConfigProvider {

	private final SecurityProperties securityProperties;

	@Override
	public boolean config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
		securityProperties.getIgnore().getUrls().forEach(url -> config.antMatchers(url).permitAll());
		config.antMatchers(HttpMethod.OPTIONS).permitAll();
		return true;
	}
}
